Re: Should *.gnome.org use OpenID.net?



On 14/06/07, Jeff Waugh <jdub perkypants org> wrote:
<quote who="Thomas Wood">

> Art.gnome.org is currently undergoing a revamp by Bruno Santos as part of
> the Google Summer of Code project. We've been considering what
> authentication system to implement and it has been suggested for a long
> time that it would be good if all gnome.org sites used the same login
> system. We've looked at using OpenID.net, so would it be possible for
> other gnome.org sites to use this system? Could gnomedesktop.org and
> gnomesupport.org also offer OpenID as an alternative?

Blogo (blogs.gnome.org) will be OpenID enabled soon. This doesn't help us
*too* much with SSO for all of gnome.org, unless we set up a GNOME OpenID
provider and not only authenticated against it (that's the easy part) but
did special *authorisation* based on having a gnome.org OpenID... That is
somewhat more complicated. If we allowed people to assoicate a "foreign"
OpenID with a GNOME login, that would be interesting... But would require
even further authorisation hacks to work. 8)

Not saying it's impossible, just pointing out that it's not a silver bullet.

If you are looking at using OpenID as a single signon solution for
Gnome.org services, it is probably worth checking out the 2.0 draft
specification (namely the identifier select feature).

If you just want a login system for particular sites that uses
external OpenID providers, the existing 1.1 spec should be good
enough.

James.



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]